We claim: 



1 . A method of classifying a protocol data unit (PDU) comprising the steps of: 

(a) generating a first string and a second string with which to characterize the PDU; 
5 (b) determining a first index associated with the first string and a second index 

associated with the second string, wherein the first index and second index are 
selected from a plurality of indices; and 
(c) selecting an action from a plurality of actions based on the first index and the 
second index, each action being associated with two or more indices of the 
10 plurality of indices. 

2. The method of claim 1 , wherein PDU has one or more fields and the first string and 
second string each comprise one or more bits derived from the one or more fields of 
the PDU. 
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The method of claim 2, wherein the one or more fields are selected from the group 
consisting of: source address, destination address, ingress switch slot number, egress 
switch slot number, ingress port number, egress port number, network layer protocol, 
and transport layer protocol. 

The method of claim 2, wherein the first string comprises one or more bits selected 
from a destination address field of the PDU. 



5. The method of claim 4, wherein the second string comprises one or more bits selected 
25 from a source address field of the PDU. 



6. The method of claim 1, wherein the method further includes the step of generating the 
plurality of actions from policies that characterize a plurality of traffic flows. 
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7. The method of claim 1, wherein the selecting step further comprises the step of using 
the indices as keys into a memory device comprising the plurality of actions. 

8. The method of claim 7, wherein the actions further comprise instructions passing the 
PDU to a PDU destination address and instructions to filter the PDU. 

5 

9. The method of claim 7, wherein the actions further comprise one or more pointers to 
one or more instructions defining the manner in which to process the PDU. 

10. The method of claim 1, wherein the PDU has one or more fields and the step of 

10 determining a first index and the second index further comprises the step of searching 

a tree, wherein one or more fields of the PDU are compared against the nodes of the 
tree. 

1 1 . The method of claim 10, wherein the tree is a Patricia trie. 

15 

12. An apparatus for classifying a protocol data unit (PDU), the apparatus comprising: 
(a) a string generator for generating a first string and a second string with which to 

characterize the PDU; and 
20 (b) an index allocator for retrieving a first index associated with the first string and 

a second index associated with the second string, wherein the first index and 
second index are selected from a plurality of indices. 

13. The apparatus of claim 12, wherein the apparatus further includes a memory device, 
25 operatively coupled to the index allocator, comprising a plurality of actions, each 

action being selected based on two or more indices of the plurality of indices. 

14. The apparatus of claim 12, wherein the first string and second string each comprise 
30 one or more bits derived from one or more fields of the PDU. 



15 



15. The apparatus of claim 14, wherein the one or more fields are selected from the group 
consisting of: a source address, a destination address, an ingress and an egress switch 
slot numbers, an ingress and an egress port numbers, an IP protocol, and a transport 
layer protocols including transmission control protocol (TCP) and user datagram 

5 protocol (UDP). 

1 6. The apparatus of claim 15, wherein the first string comprises one or more bits 
selected from a destination address field of the PDU. 

10 17. The apparatus of claim 16, wherein the second string comprises one or more bits 
selected from a source address field of the PDU. 

18. The apparatus of claim 13, wherein the plurality of actions are derived from policies 
1 5 that characterize a plurality of traffic flows. 

19. The apparatus of claim 13, wherein the plurality of indices are keys into the memory 
device. 

20 20. The apparatus of claim 19, wherein the actions further comprise instructions for 
passing the PDU to a PDU destination address and instructions to filter the PDU. 

21 . The apparatus of claim 19, wherein the actions further comprise one or more pointers 
to one or more instructions defining the manner in which to process the PDU. 

25 

22. The apparatus of claim 12, wherein the index allocator comprises a trie, the trie 
comprising nodes against which one or more fields of the PDU are compared. 

23. A method of classifying a protocol data unit (PDU) comprising the steps of: 

30 (a) generating a first string from source information associated with the PDU; 
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(b) generating a second string from destination information associated with the 
PDU; 

(c) identifying a first QoS action from a plurality of QoS actions based on the first 
string; 

(d) identifying a second QoS action from a plurality of QoS actions based the 
second string; and 

(e) determining a final QoS action from at least one of the first and second QoS 
actions. 

24. The method of claim 1, wherein the step of determining a final QoS action comprises 
applying a hierarchical rule indicating which one of the first and second QoS actions 
has precedence. 

25. The method of claim 2 5 wherein one of the first and second QoS actions is a PDU 
pass action recommending that the PDU be forwarded, and one of the QoS actions is 
a PDU drop action recommending that the PDU be filtered. 

26. The method of claim 3, wherein the hierarchical rule indicates that the PDU drop 
action has precedence over the PDU pass action. 
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